Title: Capital Planning and Investment Control Processes and Budget Reporting Circular A11, Sections 31, 52
1Capital Planning and Investment Control Processes
and Budget ReportingCircular A-11, Sections 31,
52, 53, 100 and 300
- Office of Management Budgets
- Office of Information and Regulatory Affairs
(OIRA), Office of Federal Financial Management
(OFFM), and Office of Federal Procurement Policy
2Agenda
- Associate Director for IT and e-Gov, Mr. Mark
Forman - Information Policy and Technology Branch Staff
- Office of Federal Procurement Policy Staff
- Office of Federal Financial Management Staff
3Legislative and Policy Framework
- Budget Enforcement Act of 1990
- Chief Financial Officers Act of 1990
- Government Performance Results Act of 1993
- Federal Acquisition Streamlining Act of 1994
(Title V) - Paperwork Reduction Act of 1995
- Federal Financial Management Improvement Act of
1996 - Clinger-Cohen Act of 1996 (ITMRA FARA)
- Balanced Budget Act of 1997
- Government Paperwork Elimination Act of 1998
- Circular A-11, Preparation and Submission of
Budget Estimates - Circular A-123, Management Accountability and
Control - Circular A-127, Financial Management Systems
- Circular A-130, Management of Federal Information
Resources - OMB memorandum M-97-02 dated October 25, 1996,
Funding Information Systems Investments - OMB memorandum M-00-07 dated February 28, 2000,
Incorporating and Funding Security in Information
Systems Investments
4And in plain English?
- WE --
- have a finite amount of money (BEA, BBA)
- must focus on agency mission, strategic goals,
performance outcomes (GPRA and CCA) - make strategic decisions about fiscal investments
(PRA) - to get the biggest bang for the buck (CCA)
- then deliver on our commitment (FASA V)
5What is Capital Planning and Investment Control?
- A disciplined process that --
- Links planning to budgeting to procurement to
operations, maintenance and management-in-use
(full life-cycle) - Is results-oriented and performance-based
- Is synonymous with capital programming
6IT and OMB Circular A-11
- Section 31 Compliance with Administration
Policies and Other General Requirements,
addresses CPIC, IT Security and Privacy and GPEA.
- Section 100
- Section 52, 53, and 300
7Security
- Security is an integral part of an agencys
business operations - Security must enable and not inhibit these
operations. - Plans to fund and manage security must be built
into life-cycle budgets for information systems
8Security
- Section 31.8, Performance indicators, goals, and
management improvement - Estimates should reflect OMB security policies,
NIST guidance, including the Security Act. - Demonstrate costs are incorporated throughout the
life-cycle phases of the system. - Demonstrate that risks are continually assessed.
9Security -- Section 31.8
- Demonstrate that controls are commensurate with
risk and magnitude of harm. - Identify additional controls for systems that
promote public access and interconnected systems. - Demonstrate the use of controls and
authentication tools to protect privacy for
systems that promote/permit public access. - Demonstrate that the handling of personal
information is consistent with govt-wide and
agency policies.
10Security
- Exhibit 53s
- Must report security costs per system.
- 0 no security controls
- What are security costs?
- 1. Products, procedures, personnel, etc. that
are primarily dedicated to or used for provision
of security controls - employee training, security inspections and
audits, vulnerability and penetration testing.
11Security -- Section 53
- 2. Products, procedures, personnel, etc. that
have as an integral component a quantifiable
benefit to security - privacy training, system/program evaluations.
12Security
- Capital Asset Plans - FY03 Changes
- Incorporated the Govt Info Security Reform Act
- Can you confirm that the security of this system
meets the requirements of the Security Act? - Were any weaknesses identified for this project?
13Security -- Section 300
- Section E. Security and Privacy
- OMB M 00-07, Incorporating and Funding Security
in Information Systems Investments - Demonstrate costs are incorporated throughout the
life-cycle phases of the system. - Demonstrate that risks are continually assessed.
- Demonstrate that controls are commensurate with
risk and magnitude of harm.
14Security -- Section 300
- Identify additional controls for systems that
promote public access and interconnected systems. - Demonstrate the use of controls and
authentication tools to protect privacy for
systems that promote/permit public access. - Demonstrate that the handling of personal
information is consistent with govt-wide and
agency policies.
15Security
- Government Information Security Reform Act
- Agency executive summaries and supporting
documentation are due to OMB on Sept. 10th. - OMB will use the information provided by agencies
to assist with budget decisions. - Information reported in the executive summary
should match information in budget submissions.
16Security -- Govt Info Security Reform Act
- Identify agencys total security funding in the
FY02 budget request. - This should include a breakdown of security costs
by each major operating division or bureau and
include critical infrastructure protection costs
that apply to the protection of government
operations and assets.
17E-Government and GPEA Budget
The Administrations FY 2002 budget calls on
agencies to create an electronic government that
is
- Citizen-Centered
- Results-Oriented
- Market-Based
OMB Logo
18E-Government and GPEA Legislation
- Provide customer service in a fundamentally
better way - Re-engineer business process around technology
and customers.
When we combine these laws we get
Arrow Left
GPRA
PRA
Clinger -Cohen
GPEA
CUSTOMER SERVICE
- LESS TIME TO ACCESS
- EASIER TO FILL
- FASTER TO SUBMIT
- QUICKER RESPONSE AND INERNAL PROCESSING
Chart With Levels of Service GPRAlt PRA,
Clinger-Cohen, GPEA
19E-Government and GPEA The Act (GPEA) P.L. 105-277
(Title VII)
- Agencies to automate interactions with outside
partners/customers by October 2003 to the extent
practicable. - Electronic signatures should not be denied legal
effect because electronic. - Encourages electronic filing, electronic record
keeping, and electronic signatures.
20E-Government and GPEA Section 31.8 Performance
- See OMB guidance M-00-10, OMB Procedures and
Guidance on Implementing the Government Paperwork
Elimination Act http//www.cio.gov/Documents/impl
ementation_gpea.html - Performance of E-gov is ONLY performance of the
program - reduce cost, decrease time, raise productivity
21E-Government and GPEASection 300
- Describe linkages to agency GPEA plan
- Weigh the magnitude of the risk and select an
appropriate combination of technology and
practice to cost-effectively minimize risk and
maximize benefits to agency and to customers. - Prioritize projects by net benefit
- Re-design existing business process around these
new technologies and needs of users. - Include any OMB Control numbers from PRA
22E-Government and GPEAExhibit 53
- Ensure that spending on IT prioritizes and
manages e-Government projects effectively through
your agency's capital planning process and
enterprise architecture. - Ensure that initiatives create a citizen centered
electronic presence - Advance an e-Government strategy that includes
specific outcomes to be achieved.
23Enterprise Architecture
- A strategic information asset base, which defines
the mission, the business processes necessary to
perform the mission, the data required to perform
the processes, the applications required to
manage the data, the technologies required to
manage the applications, and transitional
processes for modernizing.
24Enterprise Architecture
- CCA requires agency to have an EA that includes
current and to be - Technical Reference Model
- Standards Profile
- Sequencing plan using CPIC
- A-130 and the EA
- How EA is used with the CPIC
25Performance Management
- IT Investments identified, tied to strategic
goals and missions, tied to the processes it
enables, identifies the data collection and
information collection requirements, and provides
planned cost, schedule, and performance goals
that are monitored and reported.
26Privacy
- Section 31.8
- Section 53
- Section 300
- Privacy Impact Assessment
- Security and Privacy under part II.
27Budget Implementation
- OMB Circular A-11, Preparation and Submission of
Budget Estimates - Part 1 -- Budget Requests
- Budget Exhibit 52, Report on Resources for
Financial Management Activities - Budget Exhibit 53, Agency IT Investment Portfolio
- Part 2 -- Strategic Plans Annual Performance
Plans - Part 3 -- Planning, Budgeting Acquisition of
Capital Assets - Budget Exhibit 300, Capital Asset Plan
Justification - Capital Programming Guide
28Capital Planning in the Budget
- Agency Capital Plan (includes all Major Assets)
- Agency IT Investment Portfolio (Exhibit 53)
- Major IT Projects
- Financial Management System (Exhibit 300)
- Human Resources System (Exhibit 300)
- Mission Area Major Projects (Exhibit 300)
- Report on Resources for Financial Management
- Activities (Exhibit 52)
Arrow Join On Two Topics
29Capital Asset Plan (300)
- Part I Summary of Spending For Project Stages
- Part II Justification and Other Information
- A. Justification
- B. Program Management
- C. Acquisition Strategy
- D. Alternatives Analysis and Risk Management
- E. Enterprise Architecture (IT Projects Only)
- F. IT Security (IT Projects Only)
- G. Government Paperwork Elimination Act (GPEA)
(IT Projects Only)
30Capital Asset Plan (300)
- Part III Cost, Schedule, and Performance Goals
- A. Description of performance-based management
system - B. Original baseline (OMB-approved at project
outset) - C. Current baseline (applicable only if OMB
approved the changes) - D. Actual Performance and Variance from
OMB-approved baseline (Original or Current) - E. Corrective Actions
31What Do You Report?
- For New Projects
- Part I
- Part II-- Sections A - D (and, if IT, Sections E
- G) - Part III-- Sections A B
- For On-Going Projects (conversations with OMB
from 02) Processes and Reviews) - Part I
- Part II-- Section B (1) (and, if IT, Sections E -
G) - Part III-- Sections A, B, D (and Sections C
E, if applicable) - NOTE Section A should be updated if changed
circumstances affect justification for project.
32IT Exhibits
- Exhibits are Question and Answer Format
- All Electronic Submissions
- Automated for agencies using I-TIPS (52, 53, and
300) - Spreadsheets will be provided on cio.gov
- A-11 includes CCA requirements
- OMB Meeting with Agencies on CPIC
- Areas to Improve and specifics for FY2003 Budget
Submission
33Capital Asset Plans (IT Specific)
- Unique Project ID
- Financial Management Criteria
- GISRA Requirements
- 300-A and 300-B combined
- Triumverate (CIO, CFO, PE)
- Enterprise Architecture
- IT Security and Privacy
- GPEA
34Agency IT Investment Portfolio (Exhibit 53)
- 53.1 Why must I Report?
- 53.2 What special Terms must I know?
- 53.3 How do I determine whether I must report?
- 53.4 How do I submit the Exhibit 53 and when is
it due? - 53.5 If I submitted the Exhibit last year, how do
I revise it this year? - 53.6 How is the Exhibit organized?
- 53.7 How is the Exhibit Coded?
- 53.8 What are the steps to complete the Exhibit?
35Section 52 Information on Financial Management
- 52.1 What are the general reporting requirements?
- 52.2 What other reporting requirements does this
fulfill? - 52.3 Who must report financial management
information and when is it due? - 52.4 What materials are required in the budget
justification and why? - 52.5 What is the report on resources for
financial management activities (exhibit 52) and
why must I submit it?
36Section 52 Continued...
- 52.6 What are the line descriptions and coding
for exhibit 52? - 52.7 How do I check my exhibit 52 data for
consistency? - 52.8 How do I submit exhibit 52 and when is it
due? - Additional Changes or concerns
- Minor changes in the format for Exhibit 52 since
last year - Exhibits 52 must be provided electronically to
Exhibit52_at_omb.eop.gov.
37OMB Circulars A-11 and A-130Pulling it all
together. . .
- IRM Strategic Plan (Paperwork Reduction Act)
- Enterprise Architecture (Clinger-Cohen Act)
- Documented CPIC Process (Clinger-Cohen Act)
- Agency Capital Plan (Circulars A-11 and A-130)
- CAPs, Agency IT Portfolio, Report of Financial
Management Activities and attendant documents,
Transforming the Agency discussion, and CPIC
Control (all IT Investments). - All Section 52, 53, and 300 documents updated to
reflect Presidents Decisions and resubmitted.
38Questions or Comments?
- OFPP - Yvette Garner ygarner_at_omb.eop.gov
- OIRA - William McVay wmcvay_at_omb.eop.gov
- OFFM - Jean Holcombe jholcomb_at_omb.eop.gov
- To send Exhibits to OMB
- Exhibit53_at_omb.eop.gov
- Exhibit52_at_omb.eop.gov
- Exhibit300_at_omb.eop.gov